You’ve probably heard that scammers are tricking people into giving them their personal information through phishing scams that look like emails from legitimate companies or services, such as banks or social media sites. But how can you tell the difference between what’s real and what’s fake? Here are three ways to tell if an email asking you to click on a password reset link is legitimate or not.
More than 250 million people get targeted with malicious links or attachments in their inboxes every month. While it’s fairly easy to avoid getting into trouble if you know what to look for, not everyone does, which is why it’s important to learn how to tell genuine e-mails from scams. These are some of my top tips on how not fall victim when an attacker wants your username, password or any other kind of personal information. Don’t click random links: If you don’t recognize an email address that has sent you something — especially one that contains a password reset link — don’t click it. Legitimate companies will never send password reset instructions like that over email; instead, they will generally include security questions so you can change your password without having to enter sensitive details. Be wary of senders who have been compromised: In 2014, several tech companies including Twitter and Spotify saw hackers break into their services through employee accounts due to weak passwords. What might start as an account compromise could quickly turn into phishing attacks or data theft, so be sure to change all passwords just in case whenever there is a security breach at another service provider online.
If you receive an email from your bank asking you to update your account info, resist that urge for just a second. One of biggest ways scammers steal information is by tricking users into visiting fake websites. To avoid falling victim, always hover over any link before clicking it. If it doesn’t look right—if it’s not on your bank’s site or on any site you recognize—just type in its URL manually. And if you don’t know who sent an email? Delete it immediately. It’s better to be safe than sorry!
Many scammers will try to make their messages seem urgent by including a line at the top of an email, even if there’s no subject. This is often called the hook or the subject line. If you see one of these in an email from an unknown sender, it’s probably best not to click any links contained in that message. If you aren’t expecting something from someone, don’t open it. Phishing scams are designed to get unsuspecting users to act quickly; whether it be clicking on a link or revealing login information, many users fall for phishing attempts because they just want an issue solved immediately. Some emails purport to be communications about financial matters; others ask for your credit card details. Just because you feel pressure doesn’t mean you have to give into it; ignore suspicious emails, particularly those with strange or overly demanding requests attached.
Online scams are growing more sophisticated every day, with scammers finding new ways to fool people into revealing personal information. Many try phishing attacks, which trick users into giving up passwords or other sensitive data by pretending to be trustworthy sources. These can look like an official password reset link in an email—which will take you to a site looking identical to your bank’s website—or can pose as Google Docs that require you enter your username and password for verification purposes.
Phishing scams are prevalent online. At any given time, there are probably thousands of them floating around in your inbox. But how do you know if an email is actually from who it claims to be? The answer: You can’t always trust it. Always be vigilant. If you are unsure, all clients of Spruce Tree Media include free e-mail inspection.